Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Stored Cross-Site Scripting Vulnerabilities
Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated stored XSS in Cisco Small Business RV series routers allows attackers to execute arbitrary script in the management interface.
Vulnerability
Multiple stored cross-site scripting (XSS) vulnerabilities exist in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The vulnerabilities are due to insufficient input validation by the interface. An authenticated attacker with valid administrator credentials can inject malicious script via crafted HTTP requests; the script is then stored and executes when other administrators access the affected pages. All firmware versions of these models are affected [1].
Exploitation
An attacker must have valid administrator credentials for the affected device. The web-based management interface is accessible over the local LAN by default, or over the WAN if remote management is enabled. The attacker sends a crafted HTTP request containing malicious script to a vulnerable input field. When another administrator views the page containing the stored script, the script executes in the context of the victim's browser session [1].
Impact
Successful exploitation allows the attacker to execute arbitrary script code in the context of the affected web-based management interface. This can lead to disclosure of sensitive browser-based information (e.g., session tokens, cookies) and potentially allow the attacker to perform administrative actions on behalf of the victim. The compromise is limited to the web interface and does not provide direct access to the underlying operating system [1].
Mitigation
Cisco has released firmware updates to address these vulnerabilities; refer to the Cisco Security Advisory [1] for the specific fixed versions. No workarounds are available. The remote management feature should be disabled if not required to reduce exposure [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (4)
- Range: n/a
Patches
No patches discovered yet.
References
[1] tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC (mitre, vendor-advisory, x_refsource_CISCO)